zero_trust
Even after users are are past the firewall into the network, they should still have to authenticate, prove their identity, before accessing any resource in particular. Either something they know (password), something they have (2fa), or something they are (biometric)
You can also establish this sort of system with a series of zones. Such as inside the corporate office, they have implicit trust.
Policy Enforcement Point: the place where you check information about the network request such as IP address or auth headers.
Policy Decision Point: the decision whether or not to allow the bundle of attributes gathered at the policy enforcement point into your system
zero_trust.txt · Last modified: by reidjs